Link Windows Agents During Installation

Required User Role: User with administrator privileges


Nessus Agents can be deployed and linked on Windows through the msiexec command. See example below:

# msiexec /i NessusAgent-versionnumber.msi NESSUS_GROUPS="Remote Agent Group 1"NESSUS_SERVER="192.0.2..34:8834" NESSUS_KEY=00a0927cb3df64d466ccd7ccbcc2d63fea1ea91f5ea5ebe22390a4d69caa6c6acf /qn

The following are available linking parameters:

Parameter Description
NESSUS_OFFLINE_INSTALL You can install the Nessus Agent on a system even if it is offline. Add the command line option NESSUS_OFFLINE_INSTALL="yes" to the command line input. The Nessus Agent will periodically attempt to link itself to either or Nessus Manager. If the agent cannot connect to the controller then it retries every hour, and if the agent can connect to the controller but the link fails then it retries every 24 hours.
ADDLOCAL=ALL Install the Nessus Agent System Tray Application.
ADDLOCAL=ALL Install the Nessus Agent system tray application, as described in Configure and View the System Tray Application in the Nessus Agent Deployment and User Guide.
NESSUS_PLUGINS_FILEPATH="C:\path\to\plugins_set.tgz" Install a full plugins set before linking to reduce the bandwidth impact during a mass installation. Add the command line option NESSUS_PLUGINS_FILEPATH="C:\path\to\plugins_set.tgz" where plugins_set.tgz is a recent plugins set tarball less than five days old. A stale plugins set older than five days will force a full plugins download to occur. You can download a recent plugins set from the Tenable downloads page.

Specify existing agent group or groups where you want to add the agent. If you do not specify an agent group during the install process, you can add your linked agent to an agent group later in Nessus Manager or

Note: The agent group name is case-sensitive and must match exactly.

Note: Quotation marks (") are necessary when listing multiple groups, or one group with spaces in its name. For example:

  • GroupName
  • "Group Name"
  • "Group, Another Group"


Determine the priority of the agent relative to the priority of other tasks running on the system. For valid values and more information on how the setting works, see Agent CPU Resource ControlAgent CPU Resource Control in the Nessus Agent Deployment and User Guide.

NESSUS_NAME Specify the name for your agent. If you do not specify a name for your agent, the name defaults to the name of the computer where you are installing the agent.
NESSUS_CA_PATH Specify a custom CA certificate to use to validate the manager's server certificate.
NESSUS_PROXY_SERVER Specify the hostname or IP address of your proxy server.
NESSUS_PROXY_USERNAME Specify the name of a user account that has permissions to access and use the proxy server.
NESSUS_PROXY_PASSWORD Specify the password of the user account that you specified as the username.
NESSUS_PROXY_AGENT Specify the user agent name, if your proxy requires a preset user agent.

For more information on installing Nessus Agents on Windows, see Install a Nessus Agent on Windows in the Nessus user guide.